<?xml version="1.0" encoding="utf-8"?>
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN"
    "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml" xml:lang="en" lang="en">
<head>
    <title>ActionView::Helpers::CsrfHelper</title>
    <meta http-equiv="Content-Type" content="text/html; charset=UTF-8" />
    <link rel="stylesheet" href="../../../css/reset.css" type="text/css" media="screen" />
<link rel="stylesheet" href="../../../css/main.css" type="text/css" media="screen" />
<link rel="stylesheet" href="../../../css/github.css" type="text/css" media="screen" />
<script src="../../../js/jquery-1.3.2.min.js" type="text/javascript" charset="utf-8"></script>
<script src="../../../js/jquery-effect.js" type="text/javascript" charset="utf-8"></script>
<script src="../../../js/main.js" type="text/javascript" charset="utf-8"></script>
<script src="../../../js/highlight.pack.js" type="text/javascript" charset="utf-8"></script>

</head>

<body>     
    <div class="banner">
        
            <span>Ruby on Rails v4.0.0</span><br />
        
        <h1>
            <span class="type">Module</span> 
            ActionView::Helpers::CsrfHelper 
            
        </h1>
        <ul class="files">
            
            <li><a href="../../../files/actionpack/lib/action_view/helpers/csrf_helper_rb.html">actionpack/lib/action_view/helpers/csrf_helper.rb</a></li>
            
        </ul>
    </div>
    <div id="bodyContent">
        <div id="content">
  


  


  
  


  


  
    <!-- Method ref -->
    <div class="sectiontitle">Methods</div>
    <dl class="methods">
      
        <dt>C</dt>
        <dd>
          <ul>
            
              
              <li>
                <a href="CsrfHelper.html#method-i-csrf_meta_tag">csrf_meta_tag</a>,
              </li>
            
              
              <li>
                <a href="CsrfHelper.html#method-i-csrf_meta_tags">csrf_meta_tags</a>
              </li>
            
          </ul>
        </dd>
      
    </dl>
  

  



  

    

    

    


    


    <!-- Methods -->
        
      <div class="sectiontitle">Instance Public methods</div>
      
        <div class="method">
          <div class="title method-title" id="method-i-csrf_meta_tag">
            
              <b>csrf_meta_tag</b>()
            
            <a href="CsrfHelper.html#method-i-csrf_meta_tag" name="method-i-csrf_meta_tag" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              <p>For backwards compatibility.</p>
            </div>
          
          
          
          
          
          </div>
        
        <div class="method">
          <div class="title method-title" id="method-i-csrf_meta_tags">
            
              <b>csrf_meta_tags</b>()
            
            <a href="CsrfHelper.html#method-i-csrf_meta_tags" name="method-i-csrf_meta_tags" class="permalink">Link</a>
          </div>
          
          
            <div class="description">
              <p>Returns meta tags “csrf-param” and “csrf-token” with the name of the
cross-site request forgery protection parameter and token, respectively.</p>

<pre>&lt;head&gt;
  &lt;%= csrf_meta_tags %&gt;
&lt;/head&gt;</pre>

<p>These are used to generate the dynamic forms that implement non-remote
links with <code>:method</code>.</p>

<p>Note that regular forms generate hidden fields, and that Ajax calls are
whitelisted, so they do not use these tags.</p>
            </div>
          
          
          
            <div class="aka">
              Also aliased as: <a href="CsrfHelper.html#method-i-csrf_meta_tag">csrf_meta_tag</a>
            </div>
          
          
          
            
            <div class="sourcecode">
              
              <p class="source-link">
                Source: 
                <a href="javascript:toggleSource('method-i-csrf_meta_tags_source')" id="l_method-i-csrf_meta_tags_source">show</a>
                
                  | <a href="https://github.com/rails/rails/blob/9cecb2db16fc2bde3dd489775d4642a469b9bf53/actionpack/lib/action_view/helpers/csrf_helper.rb#L17" target="_blank" class="github_url">on GitHub</a>
                
              </p>
              <div id="method-i-csrf_meta_tags_source" class="dyn-source">
                <pre><span class="ruby-comment"># File actionpack/lib/action_view/helpers/csrf_helper.rb, line 17</span>
<span class="ruby-keyword">def</span> <span class="ruby-keyword ruby-title">csrf_meta_tags</span>
  <span class="ruby-keyword">if</span> <span class="ruby-identifier">protect_against_forgery?</span>
    [
      <span class="ruby-identifier">tag</span>(<span class="ruby-string">'meta'</span>, <span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">'csrf-param'</span>, <span class="ruby-value">:content</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">request_forgery_protection_token</span>),
      <span class="ruby-identifier">tag</span>(<span class="ruby-string">'meta'</span>, <span class="ruby-value">:name</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-string">'csrf-token'</span>, <span class="ruby-value">:content</span> =<span class="ruby-operator">&gt;</span> <span class="ruby-identifier">form_authenticity_token</span>)
    ].<span class="ruby-identifier">join</span>(<span class="ruby-string">&quot;\n&quot;</span>).<span class="ruby-identifier">html_safe</span>
  <span class="ruby-keyword">end</span>
<span class="ruby-keyword">end</span></pre>
              </div>
            </div>
            
          </div>
                    </div>

    </div>
  </body>
</html>    